Tetskyi A. Methods of information technology of ensuring cybersecurity of content management systems during creation of Web applications

Українська версія

Thesis for the degree of Candidate of Sciences (CSc)

State registration number

0420U100881

Applicant for

Specialization

  • 05.13.06 - Інформаційні технології

03-07-2020

Specialized Academic Board

Д 64.062.01

National Aerospace University "Kharkiv Aviation Institute"

Essay

Object of research – processes of obtaining unauthorized access and protection of management functions of content management systems; the aim of research – ensuring the requirements for cybersecurity of content management systems based on the development and practical use of methods of assess the success attack rate and the choice of countermeasures in a limited budget; research methods – mathematical apparatus of set theory and probability theory, methods for solving integer programming problems, methods of neural network modeling; results – methods of information technology to ensure cybersecurity of content management systems, which allow to assess the success attacks rate with the use of attack trees and to ensure the requirements for cybersecurity by reasoned choice of protection measures in accordance with their impact on attacks; novelty – for the first time, the method for ensuring cybersecurity of content management systems has been proposed, which, unlike the known ones, is based on the choice of countermeasures, taking into account their compatibility, which allows to ensure the acceptable value of the attacks success rate at the lowest cost; the content management systems cybersecurity assessing method has been improved by using attack trees and determining the basic events parameters, taking into account the complexity of their implementation and detection, which makes it possible to ensure the veracity of the assessment by using the results of audit and penetration testing; the method of choosing penetration testing tools using neural networks has been further developed by taking into account various combinations of their characteristics, which allows to provide detection of existing potential vulnerabilities; the degree of implementation – the results were implemented at the HAKEN Ltd, National Aerospace University “Kharkiv Aviation Institute”; industry – content management systems

Files

Similar theses